diff --git a/packages/kontinuous/tests/__snapshots__/extends-ovh.dev.yaml b/packages/kontinuous/tests/__snapshots__/extends-ovh.dev.yaml index 3369f4d8dc..9c90dfdff9 100644 --- a/packages/kontinuous/tests/__snapshots__/extends-ovh.dev.yaml +++ b/packages/kontinuous/tests/__snapshots__/extends-ovh.dev.yaml @@ -178,6 +178,8 @@ spec: value: pg-hasura-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: user_feature-branch-1 - name: KUBECONFIG @@ -327,6 +329,8 @@ spec: value: pg-keycloak-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: user_feature-branch-1 - name: KUBECONFIG diff --git a/packages/kontinuous/tests/__snapshots__/extends-ovh.prod.yaml b/packages/kontinuous/tests/__snapshots__/extends-ovh.prod.yaml index 1ccbe6eb13..71ed051c6b 100644 --- a/packages/kontinuous/tests/__snapshots__/extends-ovh.prod.yaml +++ b/packages/kontinuous/tests/__snapshots__/extends-ovh.prod.yaml @@ -334,6 +334,8 @@ spec: value: pg-hasura-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: test-extends-ovh - name: KUBECONFIG @@ -483,6 +485,8 @@ spec: value: pg-keycloak-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: test-extends-ovh - name: KUBECONFIG diff --git a/packages/kontinuous/tests/__snapshots__/override-env-default.dev.yaml b/packages/kontinuous/tests/__snapshots__/override-env-default.dev.yaml index 7402b91c19..0e7f0b9c2b 100644 --- a/packages/kontinuous/tests/__snapshots__/override-env-default.dev.yaml +++ b/packages/kontinuous/tests/__snapshots__/override-env-default.dev.yaml @@ -256,6 +256,8 @@ spec: value: pg-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: user_feature-branch-1 - name: KUBECONFIG diff --git a/packages/kontinuous/tests/__snapshots__/pg.dev.yaml b/packages/kontinuous/tests/__snapshots__/pg.dev.yaml index 28c8202611..4beb63de64 100644 --- a/packages/kontinuous/tests/__snapshots__/pg.dev.yaml +++ b/packages/kontinuous/tests/__snapshots__/pg.dev.yaml @@ -178,6 +178,8 @@ spec: value: cnpg-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: user_feature-branch-1 - name: KUBECONFIG diff --git a/packages/kontinuous/tests/__snapshots__/pg.prod.yaml b/packages/kontinuous/tests/__snapshots__/pg.prod.yaml index d14838fdd4..4d983addb4 100644 --- a/packages/kontinuous/tests/__snapshots__/pg.prod.yaml +++ b/packages/kontinuous/tests/__snapshots__/pg.prod.yaml @@ -255,6 +255,8 @@ spec: value: cnpg-rw - name: PGPORT value: \\"5432\\" + - name: PGSSLMODE + value: disable - name: PGUSER value: test-pg - name: KUBECONFIG diff --git a/plugins/contrib/jobs/cnpg-create-secrets/use.yaml b/plugins/contrib/jobs/cnpg-create-secrets/use.yaml index 71e031abe3..032395a797 100644 --- a/plugins/contrib/jobs/cnpg-create-secrets/use.yaml +++ b/plugins/contrib/jobs/cnpg-create-secrets/use.yaml @@ -13,6 +13,7 @@ runs: PGUSER: "{{ tpl (or $.with.pgUser $.Values.global.pgUser) . }}" PGHOST: "{{ tpl (or $.with.pgHost `cnpg-cluster-rw`) . }}" PGPORT: "{{ tpl (or $.with.pgPort `5432`) . }}" + PGSSLMODE: "{{ tpl (or $.with.pgSSLMode `require`) . }}" HBA_HOST: "{{ tpl (or $.with.hbaHost $.with.pgHost `*`) . }}" HBA_DATABASE: "{{ tpl (or $.with.hbaDatabase `*`) . }}" HBA_USER: "{{ tpl (or $.with.hbaUser `*`) . }}" diff --git a/plugins/fabrique/charts/pg/values.yaml b/plugins/fabrique/charts/pg/values.yaml index 8174176170..ae8e4b2abb 100644 --- a/plugins/fabrique/charts/pg/values.yaml +++ b/plugins/fabrique/charts/pg/values.yaml @@ -71,3 +71,4 @@ jobs-pg: ~tpl~pgSecretName: "{{ index .Values.kontinuous.chartContext 2 }}-app" ~tpl~cnpgDbSecretName: "{{ index .Values.kontinuous.chartContext 2 }}-db" ~tpl~pgHost: "{{ index .Values.kontinuous.chartContext 2 }}-rw" + ~tpl~pgSSLMode: "disable"